From 0755d60ee2c8b54a347ffedbe67260ee716e2278 Mon Sep 17 00:00:00 2001 From: Bashir Sadjad Date: Wed, 20 Mar 2024 16:42:04 -0400 Subject: [PATCH 1/5] Added codecov and minor lints (#252) --- .github/workflows/codecov.yml | 25 ++++++++++++ Dockerfile | 1 + README.md | 1 + coverage/pom.xml | 74 +++++++++++++++++++++++++++++++++++ doc/design.md | 15 +++---- pom.xml | 16 +++++++- 6 files changed, 124 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/codecov.yml create mode 100644 coverage/pom.xml diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml new file mode 100644 index 00000000..74cfb7d7 --- /dev/null +++ b/.github/workflows/codecov.yml @@ -0,0 +1,25 @@ +# This is based on: +# https://github.com/codecov/example-java-maven/blob/main/.github/workflows/ci.yml +name: Codecov +on: [push, pull_request] +jobs: + run: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up JDK 11 + uses: actions/setup-java@v1 + with: + java-version: 11 + - name: Install dependencies + run: mvn install -DskipTests=true -Dmaven.javadoc.skip=true -B -V + - name: Run tests and collect coverage + run: mvn -B test + - name: Upload coverage to Codecov + uses: codecov/codecov-action@v4 + with: + # To find this token, and how it is stored in the repo, see: + # https://docs.codecov.com/docs/adding-the-codecov-token + token: ${{ secrets.CODECOV_TOKEN }} + slug: google/fhir-gateway \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 26746167..604cfb09 100755 --- a/Dockerfile +++ b/Dockerfile @@ -29,6 +29,7 @@ COPY plugins/src ./plugins/src COPY plugins/pom.xml ./plugins/ COPY exec/src ./exec/src COPY exec/pom.xml ./exec/ +COPY coverage/pom.xml ./coverage/ COPY license-header.txt . COPY pom.xml . diff --git a/README.md b/README.md index 162cc118..a474394d 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,7 @@ [![Build Status](https://storage.googleapis.com/fhir-proxy-build-badges/build.svg)](https://storage.googleapis.com/fhir-proxy-build-badges/build.html) +[![codecov](https://codecov.io/gh/google/fhir-gateway/branch/master/graph/badge.svg)](https://app.codecov.io/gh/google/fhir-gateway/tree/master) FHIR Information Gateway is a simple access-control proxy that sits in front of a [FHIR](https://www.hl7.org/fhir/) store (e.g., a diff --git a/coverage/pom.xml b/coverage/pom.xml new file mode 100644 index 00000000..6c216b84 --- /dev/null +++ b/coverage/pom.xml @@ -0,0 +1,74 @@ + + + + 4.0.0 + + + com.google.fhir.gateway + fhir-gateway + 0.3.2 + + + com.google.fhir.gateway + coverage + coverage + Compute aggregated test code coverage + pom + + + true + ${project.parent.basedir} + + + + + com.google.fhir.gateway + server + ${project.parent.version} + + + + com.google.fhir.gateway + plugins + ${project.parent.version} + + + + + + + org.jacoco + jacoco-maven-plugin + + + report-aggregate + test + + report-aggregate + + + + + + + + diff --git a/doc/design.md b/doc/design.md index a8e3913b..7f47e551 100644 --- a/doc/design.md +++ b/doc/design.md @@ -553,10 +553,11 @@ In the main text, we refer to these examples by "all-patients", ## Notes [^1]: - The simplified - [Implicit](https://smilecdr.com/docs/smart/smart_on_fhir_authorization_flows.html#launch-flow-implicit-grant) - flow could work for our use-case too but that has important security - shortcomings. For example, it exposes access_token in URLs which can leak - through browser history. Another more important shortcoming is that we cannot - implement PKCE in the Implicit flow as the access_token is directly returned - in the first request. + +The simplified +[Implicit](https://smilecdr.com/docs/smart/smart_on_fhir_authorization_flows.html#launch-flow-implicit-grant) +flow could work for our use-case too but that has important security +shortcomings. For example, it exposes access_token in URLs which can leak +through browser history. Another more important shortcoming is that we cannot +implement PKCE in the Implicit flow as the access_token is directly returned in +the first request. diff --git a/pom.xml b/pom.xml index caaee14f..cea8ee4e 100644 --- a/pom.xml +++ b/pom.xml @@ -1,7 +1,7 @@ [![Build Status](https://storage.googleapis.com/fhir-proxy-build-badges/build.svg)](https://storage.googleapis.com/fhir-proxy-build-badges/build.html) -[![codecov](https://codecov.io/gh/google/fhir-gateway/branch/master/graph/badge.svg)](https://app.codecov.io/gh/google/fhir-gateway/tree/master) +[![codecov](https://codecov.io/gh/google/fhir-gateway/branch/main/graph/badge.svg)](https://app.codecov.io/gh/google/fhir-gateway/tree/main) FHIR Information Gateway is a simple access-control proxy that sits in front of a [FHIR](https://www.hl7.org/fhir/) store (e.g., a From 9e23553527942de432235213fd1b07a74785d413 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Mar 2024 23:25:38 -0400 Subject: [PATCH 4/5] Bump org.apache.maven.plugins:maven-compiler-plugin (#255) --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1686c3bb..f4171558 100644 --- a/pom.xml +++ b/pom.xml @@ -148,7 +148,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.13.0 11 From de6a96f9b5d3db00d0626362b9830e4d41cc49de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Mar 2024 04:56:26 -0400 Subject: [PATCH 5/5] Bump com.google.http-client:google-http-client from 1.43.3 to 1.44.1 (#239) --- server/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/pom.xml b/server/pom.xml index f8708197..e39d6aef 100644 --- a/server/pom.xml +++ b/server/pom.xml @@ -82,7 +82,7 @@ com.google.http-client google-http-client - 1.43.3 + 1.44.1